package com.zhiyou.controller;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

@Controller
@RequestMapping("/shiro")
public class ShiroController {

    @RequestMapping("/login")
    public String login(String username,String password){
        System.out.println("controller===============login===========");
        //判断当前用户是否认证
        Subject subject= SecurityUtils.getSubject();
        if (!subject.isAuthenticated()){
            //参数都是来自页面前端的
            //封装到token中
            //参数一是用户名密码
            //参数二是密码
            //都是前端页面
            UsernamePasswordToken token=new UsernamePasswordToken(username,password);
            subject.login(token);
        }
        return "redirect:/list.jsp";
    }
}
